﻿<?php
// Declare the response as UTF-8 HTML before any body output.
// NOTE(review): this file appears to start with a UTF-8 BOM ahead of the
// opening PHP tag. Without output buffering those bytes count as output and
// this header() call fails with "headers already sent" - confirm and re-save
// the file without a BOM.
header("Content-Type:text/html;charset=utf8");

// Refuse any request that did not come from the form's submit button.
// This only checks for a `submit` POST field; it is not authentication
// and not CSRF protection.
if (isset($_POST['submit']) === false) {
    exit('非法访问!');
}
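// Form input handling.
//
// Fixes relative to the previous version:
//  * the posted values are actually read (the old code passed the boolean
//    result of isset() through trim()/htmlspecialchars(), so every field was
//    stored as "1" or "");
//  * the 60-byte limit is applied to $email (it was applied to $nickname);
//  * `face` is forced to an integer before it reaches the SQL text (it was
//    interpolated unquoted and unescaped straight from $_POST);
//  * every quoted value is escaped with the connection-aware
//    mysql_real_escape_string() instead of addslashes().

// Magic quotes (PHP < 5.4) pre-escape request data; undo that so each value
// is SQL-escaped exactly once, further down.
$magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

$fields = array();
foreach (array('nickname', 'email', 'content') as $key) {
	// Array-valued parameters (name[]=...) are treated as missing.
	$raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
	if ($magic_quotes_on) {
		$raw = stripslashes($raw);
	}
	// Values are stored HTML-encoded, as before. ENT_QUOTES also encodes
	// single quotes, so the stored text is safe inside either attribute
	// quoting style when it is echoed back later.
	$fields[$key] = htmlspecialchars(trim($raw), ENT_QUOTES, 'UTF-8');
}
$nickname = $fields['nickname'];
$email = $fields['email'];
$content = $fields['content'];

// strlen() counts bytes, so for UTF-8 text these are byte limits.
if(strlen($nickname)>16){
	exit('错误：昵称不得超过16个字符串 [ <a href="javascript:history.back()">返 回</a> ]');
}
if(strlen($email)>60){
	exit('错误：邮箱不得超过60个字符串 [ <a href="javascript:history.back()">返 回</a> ]');
}

require "conn.php";
require "function.php";

$createtime = time();
// get_client_ip() lives in function.php (not visible here). If it reads
// client-supplied headers such as X-Forwarded-For the value is attacker
// controlled, so it is escaped like any other input below - TODO confirm.
$ip = get_client_ip();
// `face` is written unquoted into the statement, so it must be a number.
$face = isset($_POST['face']) ? (int)$_POST['face'] : 0;

// Write the row.
// mysql_real_escape_string() uses the link presumably opened by conn.php and
// is only charset-safe when that link's charset was set with
// mysql_set_charset() - verify in conn.php. The ext/mysql API is removed in
// PHP 7; prepared statements (mysqli/PDO) are the durable fix once conn.php
// can be changed.
$insert_sql = "INSERT INTO guestbook(nickname,email,face,content,createtime,clientip)VALUES";
$insert_sql .= sprintf(
	"('%s','%s',%d,'%s',%d,'%s')",
	mysql_real_escape_string($nickname),
	mysql_real_escape_string($email),
	$face,
	mysql_real_escape_string($content),
	$createtime,
	mysql_real_escape_string($ip)
);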

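// Run the insert. On success show a confirmation page that redirects to
// index.php after two seconds; on failure show a generic message.
if(mysql_query($insert_sql)){
?>
<!doctype html>
<html>
<head>
<meta charset="utf8">
<meta http-equiv="Refresh" content="2;url=index.php">
<link rel="stylesheet" type="text/css" href="../style/style.css">
<title>留言成功</title>
</head>
<body>
<div class="refresh">
<p>留言成功！非常感谢您的留言。<br>请稍后，页面正在返回...</p>
</div>
</body>
</html>
<?php
} else {
	// Keep the driver's error text in the server log only. Echoing
	// mysql_error() to the visitor discloses table/column names and query
	// fragments, and the text was written into the page without HTML encoding.
	error_log('guestbook insert failed: ' . mysql_error());
	echo '留言失败：请稍后再试 [ <a href="javascript:history.back()">返 回</a> ]';
}
?>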